Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Jan 22 14:43
    PinpointTownes closed #826
  • Jan 22 03:41

    PinpointTownes on dev

    Update OpenIddict.Validation.Sy… (compare)

  • Jan 22 03:41
    PinpointTownes closed #904
  • Jan 22 03:01
    PinpointTownes synchronize #904
  • Jan 22 02:47
    PinpointTownes assigned #904
  • Jan 22 02:47
    PinpointTownes labeled #904
  • Jan 22 02:47
    PinpointTownes milestoned #904
  • Jan 22 02:47
    PinpointTownes opened #904
  • Jan 21 01:39
    PinpointTownes commented #903
  • Jan 21 01:35

    PinpointTownes on dev

    Reject token requests containin… (compare)

  • Jan 21 01:35
    PinpointTownes closed #903
  • Jan 20 22:27
    ajfleming1 commented #903
  • Jan 20 22:25
    ajfleming1 synchronize #903
  • Jan 20 20:33
    PinpointTownes commented #903
  • Jan 20 20:33
    PinpointTownes milestoned #903
  • Jan 20 20:33
    PinpointTownes assigned #903
  • Jan 20 20:33
    PinpointTownes labeled #903
  • Jan 20 20:30
    ajfleming1 commented #706
  • Jan 20 20:29
    ajfleming1 opened #903
  • Jan 20 20:22
    PinpointTownes commented #706
bviale
@bviale
I may be wrong but from https://dotnet.microsoft.com/platform/support/policy/dotnet-core I understood that 2.1 support will end on Angust 21th 2021
Kévin Chalet
@PinpointTownes
UPDATE: In order to give customers a reasonable stepping stone on their path to migrating applications to ASP.NET Core on .NET Core, we are going to extend support and servicing for ASP.NET Core 2.1.x on .NET Framework to match the current support policy for the other package-based ASP.NET frameworks, e.g. MVC 5.x, Web API 2.x, SignalR 2.x. This effectively means the ASP.NET Core 2.1.x related packages (final detailed list TBD) will be supported indefinitely, beyond the 3 year LTS period for the .NET Core 2.1 train overall.
bviale
@bviale
But compared to other web frameworks, it can be considered as "forever" :smile:
Kévin Chalet
@PinpointTownes
There's an email that was sent to the MVP mailing list in August to update the support page and they said they would update it... but it's pretty clear they didn't :laughing:
bviale
@bviale
Thanks for the link, didn't know about that
Yeah, for their defense, "at least three years" includes "indefinitely" though
Kévin Chalet
@PinpointTownes
Yeah :smile:
bviale
@bviale
Well I'll do my first poc on the 2.x to enjoy the full documentation and samples then, and I'll migrate later when the stable 3.0 will be out
Kévin Chalet
@PinpointTownes
Wise plan :smile:
Curious: is it for a personal or pro app?
bviale
@bviale
pro
Kévin Chalet
@PinpointTownes
I'm always looking for contributors and sponsors so if your company is interested, let me know :smile:
bviale
@bviale
yeah, this is my first steps here but I'll definitely consider contributing if we decide to integrate the lib on production
Kévin Chalet
@PinpointTownes
:clap:
James
@Jimud1

Hey @PinpointTownes big fan and long time user of your library!
I'm using the opendict core within a 3.0 project,

This morning I've started getting the following error:
Unable to find package OpenIdDict with version (>= 3.0.0-alpha1.9603.83)

  • Found 22 version(s) in openiddict [Nearest version: 3.0.0-alpha1.9603.82)
  • Found 9 version(s) in nuget.org

here is my csproj
<PackageReference Include="OpenIddict.AspNetCore" Version="3.0.0-*" />
<PackageReference Include="OpenIddict.EntityFrameworkCore" Version="3.0.0-*" />

and my nuget.config
<?xml version="1.0" encoding="utf-8"?>

<configuration>
<packageSources>
<add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
<add key="openiddict" value="https://www.myget.org/F/openiddict/api/v3/index.json" />
</packageSources>
</configuration>

any help you can provide would be greatly appreciated, thanks. James

Kévin Chalet
@PinpointTownes
@Jimud1 hey. Thanks for the kind words. I triggered a new build, just in case it would be a transient issue with packages publishing.
James
@Jimud1
Thanks for the quick reply! It sounds like that could be the case, just changed to use local for now :)
Kévin Chalet
@PinpointTownes
Done. Can you please try again? (with 3.0.0-alpha1.19604.59) :smile:
Kévin Chalet
@PinpointTownes
@Jimud1 did that work for you?
James
@Jimud1
Sorry @PinpointTownes just saw this, going to check now :)
Kévin Chalet
@PinpointTownes
Haha, no problem :smile:
James
@Jimud1
Yeah all up and working again
Thanks so much for the help! Absolute legend
Kévin Chalet
@PinpointTownes
lol, you're welcome :sweat_smile:
BTW, if you're interested in contributing or sponsoring the project, please don't hesitate!
bviale
@bviale
Hey, I had to go back using the 3.x version because I absolutely need the new EnableDegradedMode(); feature, my new requirement is to have my server working without any DB (I didn't find an easy way to use the 2.0.1 without database). Using the degraded mode, what is the way to sign in in a controller ? I'm having issues injecting the SignInManager<ApplicationUser> . Should I use services.AddIdentity<ApplicationUser, IdentityRole>() , without the AddEntityFrameworkStores part ?
Kévin Chalet
@PinpointTownes
It's up to you. Identity itself won't work without a DB, so you may want to use something else.
bviale
@bviale
Ok I see. If I don't use Identity, the HandleTokenRequestContext event will never be triggered right ? Should I move all the user/password check and grant the claims in the controller then ?
Kévin Chalet
@PinpointTownes
No, it's completely unrelated.
You can use either the events model (with HandleTokenRequestContext) or enable the pass-through mode and handle token requests in a MVC controller.
(well, I said a MVC controller but it could be a middleware or even a Carter module)
bviale
@bviale
My goal is to add a login page in the server itself , just like the AuthorizationServer in the CodeFlow sample
Kévin Chalet
@PinpointTownes
What's preventing you from doing that?
bviale
@bviale
So I think I'll need to do my magic in the POST Account/Login and I'll don't need the HandleTokenRequestContext right ?
I'm trying to figure how I can actually log the user here without using _signInManager.PasswordSignInAsync()
Kévin Chalet
@PinpointTownes
You can use the core authentication APIs provided by ASP.NET Core to create authentication cookies.
bviale
@bviale
Ok thanks, I'm going to try it

One last thing, I think it's a stupid one, I'm not able to simply use [Authorize] on my controllers.
InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found. The default schemes can be set using either AddAuthentication(string defaultScheme) or AddAuthentication(Action<AuthenticationOptions> configureOptions).

In my startup I'm using the snippet you sent me yesterday

I tried to set a scheme as a parameter in services.AddAuthentication(); but it didn't work
Kévin Chalet
@PinpointTownes
The snippet I sent yesterday demonstrated how to use the password flow with the degraded mode. For the code flow - which is an interactive flow - you'll need extra things, like a cookie authentication middleware.
bviale
@bviale
oh ok I see, so both of my my issues will be gone once I'll set up the cookie authentification then, thanks
damccull
@damccull
Howdy. Been a very long time since I looked into openiddict and I've since gained a much better understanding of how the whole OIDC system works, though there's still some pain points and I still have to reference docs...a lot. Anyways, I was wondering what the current status for aspnetcore 3.0 is. I see the repo says the openiddict 3.0 code is still WIP, but can I use the 2.x branch with asp.net 3.0?
I see a post from @PinpointTownes about this very issue...so yes, I would like to try it out :D If it's available.
Man, I should read before I post, lol. Thanks @PinpointTownes I'll just download 2.0.1 and see how it goes :D
Kévin Chalet
@PinpointTownes
@damccull haha, yeah, both 2.0.1 and 3.0 are compatible with ASP.NET Core.
If you need a production-ready stuff, go with 2.0.1. If you prefer the latest and coolest stuff, 3.0 is for you!
damccull
@damccull
@PinpointTownes is 3.0 stable enough to use on a low traffic game guild site without a bunch of crashes?
I think now that i finally understand how the actual flows work I might be able to get openiddict to work this time :D
Kévin Chalet
@PinpointTownes
lol yeah :smile: